CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7057
https://notcve.org/view.php?id=CVE-2015-7057
otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049. otools en Apple Xcode en versiones anteriores a 7.2 permite a usuarios locales obtener privilegios o provocar una denegación de servicio (corrupción de memoria) a través de una archivo mach-o manipulado, una vulnerabilidad diferente a CVE-2015-7049. • http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html http://www.securitytracker.com/id/1034340 https://support.apple.com/HT205642 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7082
https://notcve.org/view.php?id=CVE-2015-7082
Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases. Múltiples vulnerabilidades no especificadas en Git en versiones anteriores a 2.5.4, como se utiliza en Apple Xcode en versiones anteriores a 7.2, tienen impacto y vectores de ataque desconocidos. NOTA: ésta CVE esta asociada solo con casos de uso Xcode. • http://lists.apple.com/archives/security-announce/2015/Dec/msg00004.html http://www.securitytracker.com/id/1034340 https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt https://support.apple.com/HT205642 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-7030
https://notcve.org/view.php?id=CVE-2015-7030
The Swift implementation in Apple Xcode before 7.1 mishandles type conversion, which has unspecified impact and attack vectors. La implementación de Swift en Apple Xcode en versiones anteriores a 7.1 no maneja correctamente la conversión de tipo, lo que tiene un impacto y vectores no especificados. • http://lists.apple.com/archives/security-announce/2015/Oct/msg00008.html http://www.securitytracker.com/id/1033930 https://support.apple.com/HT205379 • CWE-17: DEPRECATED: Code •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5909
https://notcve.org/view.php?id=CVE-2015-5909
IDE Xcode Server in Apple Xcode before 7.0 does not properly restrict access to repository e-mail lists, which allows remote attackers to obtain potentially sensitive build information in opportunistic circumstances by leveraging incorrect notification delivery. Vulnerabilidad en IDE Xcode Server en Apple Xcode en versiones anteriores a 7.0, no restringe adecuadamente el acceso al repositorio de las listas de correo electrónico, lo que permite a atacantes remotos obtener información potencialmente sensible de revisión en circunstancias oportunistas aprovechando la entrega de notificaciones incorrectas. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html http://www.securitytracker.com/id/1033596 https://support.apple.com/HT205217 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2015-5910
https://notcve.org/view.php?id=CVE-2015-5910
IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which allows remote attackers to obtain sensitive information by sniffing the network. Vulnerabilidad en IDE Xcode Server en Apple Xcode en versiones anteriores a 7.0, no asegura que el tráfico del servidor esté cifrado, lo que permite a atacantes remotos obtener información sensible husmeando la red. • http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html http://www.securitytracker.com/id/1033596 https://support.apple.com/HT205217 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •